Your signature helps prove authenticity, and by adding a signature to your URL, this helps prevent imposters pretending to be you.
Be sure to always generate signatures from your server side application and never from the client as it would leak the private key.
import crypto from "crypto";
const url = 'https://blockchain.com/pay/widget'
const walletAddress = "address";
const walletAddressSignature = crypto
.createHmac("sha256", "secret-api-key")
.update(walletAddress)
.digest("hex");
const finalUrl = `${url}?walletAddress=${walletAddress}&walletAddressSignature=${walletAddressSignature}`
import crypto from "crypto";
const url = 'https://blockchain.com/pay/widget'
const redirectUrl = "https://example.com/?additionalParam=data";
const encodedRedirectUrl = encodeURIComponent(redirectUrl);
const redirectUrlSignature = crypto
.createHmac("sha256", "secret-api-key")
.update(encodedRedirectUrl)
.digest("hex");
const finalUrl = `${url}?redirectUrl=${encodedRedirectUrl}&redirectUrlSignature=${redirectUrlSignature}`